
Start Preparing Now for the Post-Quantum Future

Quantum computing will break most of the encryption schemes on which we rely today. These five tips will help you get ready.

Search on the phrase "quantum computing," and you'll find a furious debate. On the one hand, you'll read breathless articles predicting groundbreaking advances in artificial intelligence, genomics, economics, and pretty much every field under the sun. On the other, you'll find the naysayers: It's all hype. Large-scale quantum computers are still decades away — if they're possible at all. Even if they arrive, they won't be much faster than standard computers except for a tiny subset of problems.

There's one area, however, where you'll find all sides agree: Quantum computing will break most of the encryption schemes on which we rely today. If you're responsible for your organization's IT or security systems, and that sentence made the hair on the back of your neck stand up, good. To get ready for a post-quantum world, you should be thinking about the problem now.

So Long, Encryption

Much of the debate around what quantum computers can do remains speculative, but there are a few areas where we know they'll excel. Back in 1994, mathematician Peter Shor developed a quantum algorithm that can perform certain types of calculations, such as finding the prime factors of huge numbers, far more quickly than classical computers. Well, today's most widely used encryption systems rely on those types of calculations.

Large-scale quantum computers will be able to use Shor's algorithm to break all public key systems that employ RSA (integer factorization-based), Diffie-Hellman (finite field discrete log-based), and Elliptic Curve (elliptic curve discrete log-based) Cryptography. These algorithms underpin essentially all of the key exchange and digital signature systems in use today. Once reasonably sized quantum computers capable of operating on tens of thousands of logical quantum bits (qubits) exist, these public key algorithms will become useless.

For the moment, quantum computing at those scales is still hypothetical. Current quantum computers, like those being developed by IBM and Google, can process a limited number of qubits. But researchers are pushing those limits every day.

"It might still cost an enormous amount of money to build," says one of those researchers, MIT's Isaac Chuang. "But now it's much more an engineering effort, and not a basic physics question."

Time Is Not on Your Side

So, breaking RSA and other common encryption schemes sounds pretty bad. But if large-scale quantum computers are still 10 to 15 years away, as even optimistic researchers believe, we have plenty of time to develop post-quantum cryptography solutions, right? Not really. There are two issues.

First, if you accept that 10- to 15-year window, products shipping right now will still be in the field when the first large-scale quantum computers come online. Consider Internet of Things (IoT) devices like connected cars, smart power and water meters, control systems for major power, and transportation infrastructure. Many of those devices are designed to operate for a decade or longer. Almost all of them use RSA.

Second, while some of the world's brightest minds are working on "quantum-safe" encryption mechanisms, the process will take time. Implementing the new standards they ultimately recommend will take even longer.

Think about every process and device in your organization that relies on public key systems: Email. Authentication. Every online financial transaction. How long will it take to change and update those systems? Years, most likely. If you're in a heavily regulated industry like financial services, with complex and specific compliance requirements, expect the process to take even longer.

"It has taken almost 20 years to deploy our modern public key cryptography infrastructure," notes the National Institute of Standards and Technology (NIST) in its "Report on Post-Quantum Cryptography." "It will take significant effort to ensure a smooth and secure migration from the current widely used cryptosystems to their quantum computing resistant counterparts. Therefore, regardless of whether we can estimate the exact time of the arrival of the quantum computing era, we must begin now to prepare our information security systems to be able to resist quantum computing."

Take Action

It may take a while for industry groups to settle on the best approaches to post-quantum encryption and authentication, but you don't have to wait. There are steps you can take now to prepare:

Keep an eye out: Monitor the development of both quantum computers and post-quantum standards and protocols, especially when designing IoT devices with a 10-year-plus lifespan.

Double key sizes: If you think your current systems will still be around when quantum computing debuts, double your key sizes for symmetric algorithms. A good place to start is AES-256, which is not much less efficient than the shorter key versions. For collision-resistant hash functions, use SHA-512.

Embrace the hash: Hash-based signatures are a viable quantum-safe trust mechanism you can use in the near future, with NIST expected to standardize them in 2019. These signatures can also be used to securely deploy more advanced quantum-safe technologies in the future.

Mix and match crypto: Some in the financial industry are exploring hybrid cryptography, which combines conventional RSA or elliptic-curve cryptography with one or more of the new "quantum-resistant" algorithms. In this model, cracking a key exchange would require an attacker to break multiple encryption schemes at once.

Talk to your provider: Make sure you're talking to your cryptography provider about their plans for quantum-resistant computing, particularly if you're producing IoT-enabled products with long operating lives. An experienced provider should be able to help you build quantum-resistant crypto into your deployments, such as certificate-based authentication using public key infrastructure.
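To make the "Embrace the hash" tip above concrete, here is an added example (not code from the article or its author) of a Lamport one-time signature built from nothing but SHA-256 in the Python standard library. Its security rests only on the hash function's preimage resistance, not on factoring or discrete logarithms, which is why hash-based schemes survive Shor's algorithm. It also shows the operational caveat that makes these schemes stateful: each key may sign exactly once, and the function `secrets_exposed_by_two_signatures` counts how much of the private key a second signature would reveal. All function and class names are mine.

```python
import hashlib
import os

# Added example, not code from the article. Lamport one-time signatures need only a
# hash function, so their security does not depend on the number-theoretic problems
# that Shor's algorithm solves.
HASH = hashlib.sha256
N = HASH().digest_size          # 32 bytes per secret
BITS = N * 8                    # one secret pair per bit of the message digest


def lamport_keygen(rng=os.urandom):
    """Private key: 256 pairs of random 32-byte secrets. Public key: their hashes."""
    sk = [(rng(N), rng(N)) for _ in range(BITS)]
    pk = [(HASH(a).digest(), HASH(b).digest()) for a, b in sk]
    return sk, pk


def _digest_bits(msg: bytes):
    """Bits of H(msg), most significant first; each bit picks one half of a key pair."""
    d = HASH(msg).digest()
    return [(d[i // 8] >> (7 - (i % 8))) & 1 for i in range(BITS)]


def lamport_sign(sk, msg: bytes):
    """Reveal, for every digest bit, the secret whose hash sits in the selected public slot."""
    return [sk[i][bit] for i, bit in enumerate(_digest_bits(msg))]


def lamport_verify(pk, msg: bytes, sig) -> bool:
    """Re-hash each revealed secret and compare with the public-key slot the message selects."""
    if len(sig) != BITS:
        return False
    return all(HASH(s).digest() == pk[i][bit]
               for i, (s, bit) in enumerate(zip(sig, _digest_bits(msg))))


def secrets_exposed_by_two_signatures(msg1: bytes, msg2: bytes) -> int:
    """Key-pair positions where BOTH halves would be public after one key signed both
    messages. At every such position a forger may choose either bit, which is why a
    Lamport key must never sign twice."""
    return sum(a != b for a, b in zip(_digest_bits(msg1), _digest_bits(msg2)))


class OneTimeSigningKey:
    """Enforces the one-time rule in memory. Deployed hash-based schemes (LMS, XMSS)
    must persist this state: a lost or rolled-back usage counter is a key compromise."""

    def __init__(self):
        self.sk, self.public_key = lamport_keygen()
        self.used = False

    def sign(self, msg: bytes):
        if self.used:
            raise RuntimeError("one-time key already used; signing again leaks the private key")
        self.used = True
        return lamport_sign(self.sk, msg)


if __name__ == "__main__":
    key = OneTimeSigningKey()
    firmware = b"firmware-image-v1 (constructed sample)"
    sig = key.sign(firmware)
    print("valid:", lamport_verify(key.public_key, firmware, sig))
    print("tampered valid:", lamport_verify(key.public_key, firmware + b"!", sig))
    print("positions exposed by a second signature:",
          secrets_exposed_by_two_signatures(firmware, firmware + b"!"))
```

The public key here is 16 KB and a signature 8 KB, which is why practical schemes such as LMS and XMSS build Merkle trees over many one-time keys; the one-time-use rule, and the need to store the "used" state reliably, carries over to them unchanged.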
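The "Mix and match crypto" tip describes hybrid key exchange; the step that actually delivers its promise is how the two shared secrets are combined. The following added example (mine, not the article's or any vendor's code) implements HKDF from RFC 5869 with the standard library and derives one session key from both a classical shared secret and a post-quantum KEM shared secret, bound to the handshake transcript. The shared-secret bytes are constructed placeholders standing in for the outputs of ECDH and a PQ KEM; the combiner format, the length-prefixing, and the label string are my choices.

```python
import hashlib
import hmac

# Added example, not code from the article. Hybrid key exchange: the session key is an
# HKDF output over BOTH shared secrets, so recovering it requires breaking the
# classical exchange AND the post-quantum one.


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract: PRK = HMAC-SHA256(salt, IKM); an empty salt means a zero-filled key."""
    if not salt:
        salt = bytes(hashlib.sha256().digest_size)
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand: T(i) = HMAC(PRK, T(i-1) || info || i), concatenated then truncated."""
    if length > 255 * hashlib.sha256().digest_size:
        raise ValueError("HKDF-SHA256 output is limited to 8160 bytes")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf(salt: bytes, ikm: bytes, info: bytes, length: int) -> bytes:
    return hkdf_expand(hkdf_extract(salt, ikm), info, length)


def _lv(field: bytes) -> bytes:
    """Length-prefix a field so two differently sized secrets cannot be re-split ambiguously
    (my defensive choice; fixed-size secrets would make it unnecessary)."""
    return len(field).to_bytes(2, "big") + field


def hybrid_session_key(classical_ss: bytes, pq_ss: bytes, transcript: bytes,
                       length: int = 32) -> bytes:
    """Session key that depends on both shared secrets and on the handshake transcript."""
    ikm = _lv(classical_ss) + _lv(pq_ss)
    return hkdf(salt=b"", ikm=ikm, info=b"hybrid-kex-v1|" + transcript, length=length)


if __name__ == "__main__":
    # Constructed sample values; a real handshake takes these from ECDH and the PQ KEM.
    ecdh_ss = bytes.fromhex("11" * 32)
    pq_ss = bytes.fromhex("22" * 32)
    transcript = b"client_hello|server_hello (constructed)"
    key = hybrid_session_key(ecdh_ss, pq_ss, transcript)
    # Knowing only the classical secret (e.g. after a quantum attack on ECDH) and
    # guessing the KEM secret wrong yields a different key.
    wrong = hybrid_session_key(ecdh_ss, bytes(32), transcript)
    print(key.hex(), key != wrong)
```

Binding the transcript into `info` means the key also changes if any negotiated parameter is altered in transit, a property worth keeping when a product must run a mixed classical/post-quantum handshake for a decade-long field life.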

The debate around quantum computing will likely rage on, and we may not have clear answers to the biggest questions for several years. But smart IT and cybersecurity professionals are taking a proactive approach. By starting to prepare now for a post-quantum world, you can make sure that when the wave comes, you're able to ride it — instead of getting crushed.

Timothy Hollebeek has 19 years of computer science experience, including eight years working on innovative security research funded by the Defense Advanced Research Projects Agency. He then moved on to architecting payment security systems, with an emphasis on encryption and ...

It is true that potential number-theoretic breakthroughs could threaten RSA before quantum computers do. I know several experts who view this as an additional reason to move to post-quantum methods before that happens.

However, it is not true that smart people have ignored or neglected the problem of finding better classical factoring algorithms. Plenty of effort has been expended by some extremely smart number theoreticians for a long, long time, yet 2048-bit numbers still cannot be factored in "minutes" as you suggest.

Making these trends all the more important is the notion that secure quantum communications will be the next big thing after 5G -- and, thus, critical to national security, as highlighted by a recent USAF report.

In particular, the report pointed to recent experiments involving a Chinese-launched satellite from which the altering of quantum subparticles entangled with quantum subparticles on Earth affected the latter subparticles -- and further experimentation in that field by scientists around the globe.

"While some of the world's brightest minds are working on "quantum-safe" encryption mechanisms, the process will take time..."

It's all very well being "some of the world's brightest minds", but when number theoretic problems like integer factorization are solved in practically fast polynomial time on classical computers, thanks to a very deep understanding of number theory translated into clever and efficient algorithms that can break RSA-1024, 2048 or 4096 in a matter of minutes, then quantum computers will become a rather moot point. It's like saying I can build a ten tonne hydraulic steam hammer press, and it can crack all types of nuts instantly, including cashews, walnuts, almonds and brazils, when in fact a small, hand-held vise-like tool can perform the job just as well, and with magnitudes less effort and expense. Added further to that is the fact that with quantum computers, there's a form of 'quantum cop-out', where we have no greater understanding of number theory than we did before, we simply rely on quantum spookiness to solve our problems for us, instead of old fashioned ingenuity, tenacity and resilience when tackling difficult mathematical problems. You'd be surprised how far you could progress in solving these problems classically, if you but only tried. Maybe some old-fashioned discernment and wisdom would go a long way in general in the modern world. If as many people as are working on quantum computers worked with as much effort and enthusiasm on understanding number theory problems, then these problems would have been solved satisfactorily quickly and efficiently many years ago, all the while increasing our insight into the nature of these problems, and having many important and useful corollaries and knock-on effects in other fields as well.
